Observations About the Paris Terrorist Attacks and Implications for Financial Institutions

© Petr Kovalenkov / Shutterstock.com

The terrorist attacks in Paris on November 13, 2015, are yet another reminder of the constant threat the global community is confronted with regarding Islamic extremists who use terrorism to exploit their depraved agendas. This horrific attack reinforces why anti-money laundering (AML) compliance professionals play such an important role in the fight against terrorism. Finance and communications are the greatest vulnerability to terrorists. Financial institutions serve as both facilitation tools and detection mechanisms for terrorist and transnational criminal organizations. Knowing this, financial institutions should stack their deck as much as possible toward detection.

Observations about the Paris Attacks

The Paris attacks were conducted by the Islamic State of Iraq and the Levant (ISIL). This attack was well planned and organized. The attack and initial global reaction played into the hands of ISIL, who used the public shock and media reporting to their exploitive advantage. The French government should be commended for declaring war and taking an aggressive response to neutralize additional threats and to diminish the exploitive advantage.

There is a six step terrorist attack cycle which includes target selection, planning, deployment, attack, escape and exploitation. This cycle was used in this attack. Targets were likely preselected, the attack was well planned to include financial requirements and the combination of homegrown and returning fighters proved to be a lethal team. As a result, the attack was successful. In addition, most of the attackers committed suicide. Hence, there was no need for an escape plan. This makes the fact that one or possibly more attackers are at large a key lead for government authorities. The last element in the cycle—exploitation—has been flaunted expertly by ISIL. As time goes on, exploitation will become less effective and more detrimental. This is particularly true based on France’s resolve and response.

What is alarming about the Paris attack are the following:

  • ISIL reached from Syria to France. This attack was carried out by a combination of homegrown violent extremists and foreign fighters who returned from Syria to participate in the attacks. There was a command and control structure that originated in Syria and was ultimately neutralized in France, following the attack.
  • The attack was well planned. This means that participants in the attack went beyond the attack team. There was a support structure to include individuals who selected the targets and conducted pre-operational planning, as well as providing logistical support.
  • The terrorists were able to use encrypted communication devices to hinder law enforcement and intelligence services monitoring.
  • Financing for the attack operatives would have more likely come from their legitimate wages, entitlement money from government programs or petty theft. There also could have been limited funding from ISIL. This type of funding would have been undetectable through transaction monitoring and other surveillance mechanisms.

Implication to Financial Institutions

The ability for financial institutions to monitor and identify suspicious activity is extremely unlikely in these situations. There is little likelihood for generating monitoring alerts. The individuals involved are less likely to have negative news implications until they are identified as participants in the attack. Their banking activity will most likely involve legitimate employment compensation or petty crimes that can be reasonably explained for due diligence purposes. In most situations, a financial institution would not identify having facilitated a terrorist as a customer until after the fact. Yet they would be confronted with reputational harm for banking the bad guys.

AML compliance professionals are extremely dedicated and committed to doing the right thing. An approach financial institutions should consider, going forward, is to follow the law enforcement model regarding Special Weapons and Tactics (SWAT) teams. SWAT teams are comprised of law enforcement officers specially trained to deal with dangerous criminal situations. Financial institutions should consider establishing Strategic and Tactical Response (STR) teams to respond to terrorists and other emergency situations to mirror the law enforcement SWAT model. In most situations, SWAT responsibility is collateral to primary investigative responsibility. The STR model should operate the same way.

When all is said and done, finance is a major vulnerability for bad guys. Even if terrorists are successful, as they were in Paris, there will be a financial footprint. If financial institutions establish well trained and nimble response teams, it would afford an additional back line weapon in the government’s arsenal to respond to terrorist acts.

Dennis M. Lormel, CAMS, internationally recognized CTF expert, president & CEO, DML Associates LLC, Lansdowne, VA, USA, dlormel@dmlassocllc.com


  1. Can you elaborate on the Strategic and Tactical Response Teams (STR)? What would that look like in a financial institution and what would be their role? I’m intrigued by your suggestion, but want more clarification. Thank you!

Leave a Reply